Hello out there,

I've got a little problem with shorewall 1.4.7 on Debian/Testing.

The rule

ACCEPT lan:192.168.1.0/24 lan:192.168.0.0/24

is never hit and connections are rejected.

I need this rule because there is an ISDN router connected to the lan which connects to the 192.168.0.0 net via ISDN. Shorewall is just the default gateway and routes packets received on the eth1 back through eth1 to the ISDN router.

In the meantime I solved the problem by adding an iptables command to /etc/shorewall/start which accepts those connections.

Has anybody any idea how to solve this by a regular Shorewall rule?

Regards
Manfred

--
manfred heubach edv und neue medien
Hindenburgstr. 47
D-73728 Esslingen
Tel. +49 711 9315824
Fax +49 711 9315825
www.heubach-edv.de
Information technology and telecommunications for businesses

On Mon, 27 Oct 2003, MH - Entwicklung wrote:

> Hello out there,
>
> I've got a little problem with shorewall 1.4.7 on Debian/Testing.
>
> The rule
>
> ACCEPT lan:192.168.1.0/24 lan:192.168.0.0/24
>
> is never hit and connections are rejected.
>
> I need this rule because there is an ISDN router connected to the lan
> which connects to the 192.168.0.0 net via ISDN. Shorewall is just the
> default gateway and routes packets received on the eth1 back through
> eth1 to the ISDN router.
>
> In the meantime I solved the problem by adding an iptables command to
> /etc/shorewall/start which accepts those connections.
>
> Has anybody any idea how to solve this by a regular Shorewall rule?
>

Set the 'routeback' and 'newnotsyn' options on your 'lan' interface in /etc/shorewall/interfaces.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

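The following check is an added example, not part of the thread and not Shorewall code: it reads the text of an interfaces file and a rules file and reports every interface whose zone is both source and destination of a rule while lacking either of the two options named in the reply above. The file contents, the `net` zone on `eth0`, and the function names are constructed for illustration; the column layout assumed is ZONE INTERFACE BROADCAST OPTIONS.

```python
# Added example, not from the thread. Sample file contents are constructed.
REQUIRED = {"routeback", "newnotsyn"}  # the two options named in the reply

INTERFACES_BEFORE = """\
#ZONE  INTERFACE  BROADCAST  OPTIONS
net    eth0       detect
lan    eth1       detect
"""
INTERFACES_AFTER = """\
#ZONE  INTERFACE  BROADCAST  OPTIONS
net    eth0       detect
lan    eth1       detect     routeback,newnotsyn
"""
RULES = """\
#ACTION  SOURCE              DEST
ACCEPT   lan:192.168.1.0/24  lan:192.168.0.0/24
ACCEPT   lan                 net
"""

def _rows(text):
    """Yield the whitespace-split fields of each non-comment, non-blank line."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields:
            yield fields

def parse_interfaces(text):
    """Map zone name -> list of (interface, set of options)."""
    zones = {}
    for f in _rows(text):
        if len(f) >= 2:
            opts = set(f[3].split(",")) if len(f) > 3 and f[3] != "-" else set()
            zones.setdefault(f[0], []).append((f[1], opts))
    return zones

def missing_options(interfaces_text, rules_text):
    """Return sorted (zone, interface, missing options) for intra-zone rules."""
    zones = parse_interfaces(interfaces_text)
    findings = set()
    for f in _rows(rules_text):
        if len(f) < 3:
            continue
        src, dst = f[1].split(":", 1)[0], f[2].split(":", 1)[0]
        if src == dst:  # traffic enters and leaves through the same zone
            for iface, opts in zones.get(src, []):
                if REQUIRED - opts:
                    findings.add((src, iface, tuple(sorted(REQUIRED - opts))))
    return sorted(findings)

if __name__ == "__main__":
    print(missing_options(INTERFACES_BEFORE, RULES))
    print(missing_options(INTERFACES_AFTER, RULES))
```
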
Thank you, and best regards.

Manfred

----- Original Message -----
From: "Tom Eastep" <teastep@shorewall.net>
To: "Shorewall Users Mailing List" <shorewall-users@lists.shorewall.net>
Sent: Monday, October 27, 2003 5:27 PM
Subject: Re: [Shorewall-users] Rule LAN to LAN not working

> On Mon, 27 Oct 2003, MH - Entwicklung wrote:
>
> > Hello out there,
> >
> > I've got a little problem with shorewall 1.4.7 on Debian/Testing.
> >
> > The rule
> >
> > ACCEPT lan:192.168.1.0/24 lan:192.168.0.0/24
> >
> > is never hit and connections are rejected.
> >
> > I need this rule because there is an ISDN router connected to the lan
> > which connects to the 192.168.0.0 net via ISDN. Shorewall is just the
> > default gateway and routes packets received on the eth1 back through
> > eth1 to the ISDN router.
> >
> > In the meantime I solved the problem by adding an iptables command to
> > /etc/shorewall/start which accepts those connections.
> >
> > Has anybody any idea how to solve this by a regular Shorewall rule?
> >
>
> Set the 'routeback' and 'newnotsyn' options on your 'lan' interface in
> /etc/shorewall/interfaces.
>
> -Tom
> --
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net